This repository builds apps where the AI agent and UI are equal partners:
everything the UI can do, the agent can do through the same SQL data and action
surface. Keep this file small. Put detailed workflows in .agents/skills/* and
read the relevant skill before changing that area.
- Stay on the current git branch. Never create, switch, delete, reset, rebase, stash, or otherwise move branches unless the user explicitly asks for that exact branch operation in the current task.
- Never add
Co-Authored-Byor other agent attribution to commits. - PRs use the current branch unless the user explicitly requests a new branch. PRs are ready for review by default, not drafts, unless requested.
- Never use
[codex],codex, or similar agent labels in user-visible GitHub metadata unless explicitly requested. - On every response, consider whether the chat title still matches the work.
- Use sub-agents liberally for complex independent work when Agent Teams are available; keep the main thread focused on orchestration.
- When adding package dependencies or framework integrations, verify the current
latest version first with
npm view/pnpm viewor current docs. Do not rely on remembered versions. - Write few code comments. Only comment a constraint the code cannot show, such as a non-obvious trap a future change would otherwise reintroduce. Never comment what the next line does, why a change is correct, or where it came from. Keep a comment that earns its place to a line or two; prefer clearer names and smaller functions over prose.
- When changing docs under
packages/core/docs/content, update the matching localized docs underpackages/core/docs/content/locales/*when the source meaning changes. If translations cannot be updated in the same change, call out the specific locales that need follow-up; reviewers should flag docs changes that only update one language.
Every final response must end with a three-line status block:
---
⠀
🟢 Actual concise status sentenceThe words after the icon are a short, task-specific status written for this
response; never use the placeholder text Brief status literally. Use 🟢
when the requested coding/work unit is finished on the current branch, even if
routine commit/PR/deploy/CI remains. Use 🟡 when non-routine work or a manual
step is still pending. Use 🔴 only when blocked on user input.
- Data lives in SQL via Drizzle by default. Explicit Local File Mode artifacts
declared through
agent-native.jsonmay use repo files as the source of truth, but app state, auth, settings, and hosted/collaborative mode still use SQL. Keep schemas provider-agnostic. - Actions are the single source of truth. Define app operations in
actions/withdefineAction; the agent calls them as tools and the frontend calls the shared action surface throughuseActionQuery/useActionMutation. - Client code imports named helpers, hooks, or client modules instead of
hand-writing REST calls to framework routes or template
/api/*routes. If a browser workflow needs a route and no helper exists, add the helper first and teach that method in docs/skills instead of teaching rawfetch. - Before adding any custom API or Nitro route for app data, inspect existing actions first. Reuse or extend the action surface instead of creating REST wrappers, pass-through endpoints, or duplicate CRUD routes that re-export actions.
- For provider integrations used in ad hoc analysis, querying, reporting, or
cross-source research, prefer the shared
provider-api-catalog,provider-api-docs, andprovider-api-requestaction pattern from@agent-native/core/provider-apiinstead of hardcoding one action per provider endpoint/filter. This is a framework tenet: first-class actions are ergonomic shortcuts, not artificial capability limits. When the upstream API can express an endpoint, filter, pagination mode, or payload, agents should have a safe way to call it directly through the provider API substrate. If an app stores provider credentials on resource/share rows, add a scoped resolver that preserves those access checks before exposing raw provider requests. - Treat Clay as a credentialed GTM provider API, not as a messaging channel.
Hosted access uses
CLAY_PUBLIC_API_KEYthrough the provider API substrate; the optional local Clay CLI/MCP plugin has a separate browser-login session and must not be required, auto-installed, or vendored by default. Its public repository currently declares no license. Use n8n and Zapier as automation/workflow or remote MCP connections rather than provider presets. - For composable workspace workflows, prefer many focused headless or small-UI
mini-apps that discover and call each other over A2A instead of one oversized
app. Pass artifact ids, URLs, and bounded summaries between apps instead of
pasting large provider dumps through prompts. Read
composable-mini-appsbefore designing cross-app orchestration. - All AI work goes through the agent chat. UIs do not call LLMs directly.
- Application state belongs in SQL
application_stateso the agent can know the current navigation, selection, and focused object. - Polling keeps UIs in sync through
useDbSync()and/_agent-native/poll. - The agent can modify app code; design UI and data flows with that in mind.
Every feature must touch the four areas when applicable: UI, actions, skills or instructions, and application state.
- Plan's
/route is the Ask Plan chat surface. Use it for product and code questions backed by visual plans, merged PR recaps, and visual answers. - For historical product questions like "what shipped last week", "when did this
API change", or "what did that UI look like", call
search-pr-recapsfirst. The default scope is merged pull requests only. Include unmerged PR recaps only when the user explicitly asks for unmerged or in-progress work. - After finding a recap, call
get-visual-planand inspect structured blocks:wireframe,diagram,api-endpoint,openapi-spec,data-model,diff,file-tree,tabs, andannotated-code. - For live code questions like "what is the API spec for this", "what does this
look like now", or "what is the schema model for x", use
visual-answerafter inspecting the real code through the local repo, the Plan bridge, or GitHub. - Before generating or updating visual content, call
get-plan-blocksorlist-plan-components. Custom components become chat-visible only after they are registered in the normalized schema, shared/server registry, and browser registry.
- Schema changes must be additive. Never drop, rename, truncate, or destructively alter tables or columns in migrations or startup code.
- SQL stores structured app state, metadata, references, and searchable text. Do
not store large raw payloads — files, images, videos, audio, PDFs, ZIPs,
screenshots, session replay chunks, thumbnails,
data:URLs, or base64 file bodies — in SQL tables,application_state,settings, orresources. Use configured file/blob storage (uploadFile,putPrivateBlob, provider object storage) and persist only URLs, ids, or opaque handles. In hosted or persistent DB mode, fail closed with setup guidance instead of falling back to SQL blobs. - Never use
drizzle-kit pushagainst production databases. - Tables with
ownableColumns()require scoped reads and writes throughaccessFilter,resolveAccess, orassertAccess. Custom Nitro routes must establish request context before querying ownable data. - Never hardcode API keys, tokens, webhook URLs, signing secrets, private Builder/internal data, customer data, or credential-looking literals in source, docs, tests, fixtures, screenshots, prompts, or generated extension/app content. Use obviously fake placeholders in examples.
- Do not copy provider tokens into apps when a workspace integration grant can be used. Vault/secrets own secret values; apps own app-specific readers and interpretation.
- Use the
security,storing-data,sharing,portability, andintegration-webhooksskills for implementation details.
- TypeScript everywhere. Do not add
.jsor.mjssource files. - Run oxfmt on modified source files.
- Use shadcn/ui primitives for standard controls and dialogs. Do not build custom dropdowns/popovers/modals with absolute positioning.
- Use Tabler Icons for UI icons. Do not use emojis as first-party icons.
- No browser
alert,confirm, orprompt; use shadcn dialogs. - Agent prompt inputs must use the shared composer stack:
AgentComposerFrame,PromptComposer, andTiptapComposer. - Background agents must use the core run-manager / agent-teams infrastructure unless working on the existing local Code exception.
- Logged-in app pages can be CSR. Public/SEO pages must SSR real content.
- Every SSR HTML and React Router
.dataresponse is one impersonal, public shell, hard-cached at the CDN for every visitor. Never addprivate,no-store,Vary: Cookie, session/cookie reads, or auth branches to the SSR path — personalization is client-side after load. Enforced byguard:ssr-cache-shellandssr-handler.spec.ts; do not weaken either. - UIs should be optimistic by default: update cache and navigate immediately, roll back on error, and avoid click-blocking spinners except for destructive or irreversible operations.
- Keep template UX clean and progressively disclosed. Do not solve feedback by adding always-visible controls unless that is clearly the main workflow.
- Use the
frontend-design,shadcn-ui,client-side-routing,native-navigation,real-time-sync, anddelegate-to-agentskills for details.
- Publishable package source changes in
packages/core,packages/dispatch,packages/scheduling, orpackages/pinpointneed a.changeset/*.md. - Do not manually bump package versions; changesets handle versions on merge.
- The public template allow-list is controlled by
packages/shared-app-config/templates.tsplus mirrored CLI/docs surfaces. Hidden templates must not appear in public catalogs unless they are explicitly unhidden first. - When you ship a user-facing change to a template app (new capability, visible
improvement, or behavior-affecting fix), record it from that app with
agent-native changelog add "<one user-facing sentence>" --type <added|improved|fixed>. This writes a changeset-style pending entry underchangelog/;changelog releaserolls pending entries into the app'sCHANGELOG.md, which renders in the command menu (Cmd+K → "What's new") and settings. Skip refactors, tooling, and tests. See thechangelogskill.
Extensions are sandboxed Alpine.js mini-apps stored in SQL. When the user asks
to create or edit an extension/widget/dashboard/calculator/mini-app, use the
extension actions and extensionData instead of source changes. Extensions can
call appAction for app actions/data, dbQuery, dbExec, appFetch for
allowed framework endpoints, and extensionFetch for external APIs from the
iframe bridge. Use the extensions skill for the full rules.
app/ React frontend
actions/ App operations exposed to agent and frontend
server/ Nitro API, plugins, DB, framework routes
packages/core/ Framework runtime
packages/dispatch/ Dispatch package
packages/scheduling/ Scheduling package
templates/*/ Template apps
.agents/skills/ Detailed implementation guidanceRead the relevant skill before making changes in that area:
adding-a-featurefor the four-area checklist.feature-flagsfor default-off production rollouts, shared evaluation, operator targeting, and removing stale flags after rollout.context-xrayfor inspecting and managing the live agent context window.actionsfor action definitions and invocation.data-programsfor stored, cached data-source scripts bound to app panels.storing-data,portability,security,sharingfor data work.audit-logfor the automatic action-level audit trail (who changed what, when, agent vs human) and the scopedlist-audit-eventsread surface.performancefor keeping lists, reads, and page loads fast — column projection, indexing hot-path queries, and avoiding round-trip waterfalls.reliable-mutationsfor writing data so it persists under the hosted run budget — one atomic call, never loop many small writes, verify and report proof-of-done, fail loud on cutoff.real-time-sync,context-awareness,client-side-routingfor UI state.native-navigationfor link-first internal navigation that preserves Cmd/Ctrl-click, middle-click, keyboard, and accessibility behavior.client-methodsfor browser/client APIs that must use named helpers instead of raw REST calls.delegate-to-agentfor LLM/agent delegation.agent-native-toolkitfor deciding whether settings, app chrome, collaboration, sharing, navigation, organization, comments, or history belong in reusable framework/toolkit primitives.composable-mini-appsfor many one-job headless apps that discover siblings and compose throughinvoke/call-agent.visual-answerfor code/product questions answered as visual Plan artifacts.harness-agentsfor full agent runtimes like Claude Code, Codex, Pi, Cursor, or Mastra.self-modifying-codefor source edits by the agent.upgrade-agent-nativefor bringing an older app/workspace to current@agent-native/*packages without patching core/dispatch.upgrade-agent-nativefor bringing an older app/workspace to current@agent-native/*packages without patching core/dispatch.server-pluginsfor/_agent-native/*routes and plugins.authentication,onboarding,secretsfor setup/auth/credentials.automations,recurring-jobs,integration-webhooksfor background work.frontend-design,shadcn-uifor interface work.changelogfor the per-app user-facing "What's new" CHANGELOG workflow.extensionsfor sandboxed mini-apps.generative-uifor transient or persisted sandboxed inline chat UI.observability,tracking,voice-transcription,a2a-protocol,external-agents, and template-specific skills as needed.